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Remarks/Arguments 

The Applicants respectfully request further examination and reconsideration in view of 
the comments set forth below. Claims 1-45, 47-52, and 59-71 were pending. Claims 46 and 53- 
58 were previously canceled. Within the Office Action, Claims 1-15, 17-39, 41-45, 47-52, and 
59-69 have been rejected under 35 U.S.C. § 103(a), Claims 16 and 40 have been objected to, and 
Claims 70 and 71 have been allowed. Claims 1-45, 47-52 and 59-71 are still pending. 

Rejections under 35 U.S.C. § 103(a) 

Claims 1-45, 47-52, and 59-69 

Within the Office Action, Claims 1-45, 47-52, and 59-69 have been rejected under 35 
U.S.C. § 103(a) as being unpatentable over U.S. Patent No. 5,029,206 to Marino, Jr. et al. 
("Marino") in view of U.S. Patent No. 6,023,506 to Ote et al. ("Ote"). The Applicants 
respectfully disagree. 

Marino is directed to a "security kernel of a secure processing system for providing 
security management, key management and kernel security functions." (Marino, Abstract) The 
security kernel disclosed in Marino performs high-level functions such as using an application- 
layer protocol to generate traffic encryption keys (Marino, col. 4, lines 35-38), parsing, building, 
and sending messages (id., col. 4, lines 57-62 and 65-67), and providing negotiations to allow the 
determination of security attributes associated with a particular traffic encryption key (id., col. 5, 
lines 3-6). The term "kernel," as used in Marino, indicates that Marino's "kernel system" is a 
central or essential part of its security system. Marino uses the term "kernel" differently than 
"kernel" is used in the present invention. Furthermore, as established Marino does not disclose 
using an encrypted directory. 

Ote is directed to an end-user, file encryption control apparatus and method involving 
simple manipulations, allowing a user to use an icon to select and move individual files into a 
safe folder. Referring to Ote's Figure 6, Ote discloses an encrypted data area that includes file 
location information. Ote explains throughout that this file location information refers to the 
location of an unencrypted file, not the corresponding encrypted file: 

Subsequently, the file encryption means 116 encrypts the location 
information of the unencrypted file 141 on the disk 4 (location 
information of the directory in which the unencrypted file 141 has 
been stored) by using the internal data encryption key 120 and the 
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internal data encryption/decryption means 118 and then stores the 
encrypted location information on the disk 4 as the file location 
information 12141 (step 6005). (Ote, col. 11, line 62, to col. 12, 
line 2; emphasis added) 

The step 6005, discussed here and illustrated in Figure 8 of Ote, clearly states, "Encrypt 
location information of [plain] text file on disk and store encrypted location information" 
(emphasis added). 

Ote's explanation of retrieving an encrypted file confirms that the file location 
information is for the unencrypted file and is used to restore the unencrypted file to its original 
location: 

The file decryption means acquires file location information 
associated with this encrypted file from file location information 
on the encrypted data area 121 and determines the location of the 
original file on the disk 4 (step 7010). Furthermore, the file 
decryption means reads out data of the encrypted file having the 
converted encrypted file name from the encrypted file data 151, 
decrypts the data of the encrypted file by using the decrypted file 
encryption key 1212 and the data encryption/decryption means 
119, and stores the decrypted data of the encrypted file on the 
original location of the disk as an unencrypted (or plain text) 111c 
(step 7011) . (Ote, col. 13, lines 15-26; emphasis added) 

Ote thus recognizes that data can be secured by concealing its location as unencrypted 
data. Ote does not disclose concealing location information of an encrypted file by storing that 
location information in an encrypted directory. 

Ote discusses directories, but not encrypted directories as in accordance with the present 
invention. For example, Ote discloses an encryption folder generation means that creates a 
directory forming an encryption folder. The directory also includes a sub-directory forming an 
encrypted file area 1080. (Ote, col. 4, lines 62-64) Ote explains that the folder is generated 
during initialization to encrypt a file, thus before any encryption occurs. {Id., col. 4, lines 59-62) 
In other words, Ote discloses an encrypted data area having a directory structure that is not 
encrypted: The term "Encrypted" is used to indicate that the area contains encrypted data, not that 
the entire structure, directory included, is encrypted. Elsewhere, when describing a deletion 
function, Ote describes a directory structure in an encrypted file area. (Id., col. 14, lines 23-26) 
Again, this directory structure is not encrypted. 
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Ote explains the operation of its invention in detail, especially encryption and decryption 
operations. For example, from column 12, line 22, to column 13, line 29, Ote discloses in detail 
decrypting an encrypted data file. As part of this process, Ote describes decrypting a password 
(Ote, col. 12, line 37), decrypting file name change information (id., col. 12, line 53), decrypting 
a file encryption key (id., col. 13, lines 5-6), and, finally, decrypting data from the encrypted data 
file (id., col. 13, lines 21-22). Nowhere does Ote disclose decrypting an encrypted directory 
entry that contains location information for an encrypted data file. This is because Ote accesses 
encrypted data files using unencrypted directory entries. 

The independent Claim 1 is directed to a computer system comprising a memory portion 
containing an encrypted data file and an operating system comprising a kernel. It is specified in 
Claim 1 that the kernel is configured to decrypt an encrypted directory entry to determine a 
location of the encrypted data file and to decrypt the encrypted data file to access data contained 
therein. As explained above, neither Marino nor Ote, cither alone or in combination, discloses a 
kernel configured to decrypt an encrypted directory entry to determine a location of an encrypted 
data file and to decrypt the encrypted data file to access data contained therein, as recited in 
Claim 1 . For at least these reasons, the independent Claim 1 is allowable over Marino, Ote, and 
their combination. 

Claims 2-25 and 59-63 are all dependent on Claim 1 . As explained above, the 
independent Claim 1 is allowable over Marino, Ote, and their combination. Accordingly, Claims 
2-25 and 59-63 are all also allowable as depending on an allowable base claim. 

The independent Claim 26 is directed to a computer system comprising a first device and 
a second device coupled to the first device and configured to exchange cipher data with the first 
device. It is specified in Claim 26 that the first device has an operating system kernel and a 
directory structure with directory information comprising encrypted data file names and 
corresponding encrypted data file locations for accessing encrypted data files within a file 
system, the operating system kernel configured to decrypt the encrypted data file names and 
encrypted data file locations using one or more encryption keys to recover clear data 
corresponding to the data file names, data file locations, and data files, the operating system 
kernel further configured to encrypt the clear data using the one or more encryption keys to 
generate cipher data corresponding to the directory information and encrypted data files. Neither 
Marino nor Ote, either alone or in combination, discloses a first device having an operating 
system kernel and a directory structure with directory information comprising encrypted data file 
names and corresponding encrypted data file locations for accessing encrypted data files within a 
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file system, the operating system kernel configured to decrypt the encrypted data file names and 
encrypted data file locations using one or more encryption keys to recover clear data 
corresponding to the data file names, data file locations, and data files, the operating system 
kernel further configured to encrypt the clear data using the one or more encryption keys to 
generate cipher data corresponding to the directory information and encrypted data files, as 
recited in Claim 26. For at least these reasons, the independent Claim 26 is allowable over 
Marino, Ote, and their combination. 

Claims 27-35 and 63-65 are all dependent on the independent Claim 26. As described 
above, the independent Claim 26 is allowable over Marino, Ote, and their combination. 
Accordingly, Claims 27-35 and 63-65 are all also allowable as depending on an allowable base 
claim. 

The independent Claim 36 is directed to a method of storing an encrypted data file in a 
computer file system having a directory. The method of Claim 36 comprises receiving a clear 
data file having a name and executing kernel code in an operating system, the kernel code 
configured to encrypt the clear data file to generate an encrypted data file using a symmetric key, 
store the encrypted data file at a location in the computer file system, and store in the directory an 
entry containing an encryption of the name and an encryption of the location. Neither Marino 
nor Ote, either alone or in combination, discloses executing kernel code in an operating system to 
encrypt a clear data file having a name to generate an encrypted data file using a symmetric key, 
store the encrypted data file at a location in a computer file system, and store in a directory in the 
computer file system an entry containing an encryption of the name and an encryption of the 
location, as recited in Claim 36. For at least these reasons, the independent Claim 36 is 
allowable over Marino, Ote, and their combination. 

Claims 37-45, 47, 66, and 67 are all dependent on the independent Claim 36. As 
described above, the independent Claim 36 is allowable over Marino, Ote, and their combination. 
Accordingly, Claims 3745, 47, 66, and 67 are all also allowable as depending on an allowable 
base claim. 

The independent Claim 48 is directed to a computer system comprising a processor, a 
physical memory, a secondary device coupled to the physical memory, and an operating system. 
It is specified in Claim 48 that the physical memory contains an encrypted data file and a 
directory, wherein the directory comprises a record having a first element corresponding to an 
encrypted name of the data file and a second element corresponding to an encrypted location of 
the data file in the memory. It is further specified in Claim 48 that the operating system 
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comprises a kernel that is configured to decrypt the first and second elements to access the 
encrypted data file from memory when transferring the data file from the memory to the 
secondary device and to re-encrypt the first and second elements when transferring the data file 
from the secondary device to the memory. Neither Marino nor Ote, either alone or in 
combination, discloses a directory that comprises a record having a first element corresponding 
to an encrypted name of a data file and a second element corresponding to an encrypted location 
of the data file in a memory, as recited in Claim 48. Furthermore, neither Marino nor Ote, either 
alone or in combination, discloses an operating system comprising a kernel that is configured to 
decrypt the first and second elements to access the encrypted data file from memory when 
transferring the data file from the memory to the secondary device and to re-encrypt the first and 
second elements when transferring the data file from the secondary device to the memory, as also 
recited in Claim 48. For at least these reasons, the independent Claim 48 is allowable over 
Marino, Ote, and their combination. 

Claims 49-52, 68, and 69 are all dependent on the independent Claim 48. As described 
above, the independent Claim 48 is allowable over Marino, Ote, and their combination. 
Accordingly, Claims 49-52, 68, and 69 are all also allowable as depending on an allowable base 
claim. 

Claims 59-69 

Within the Office Action, Claims 59-69 have been rejected under 35 U.S.C. § 103(a) as 
being unpatentable over Marino in view in view of Ote as applied to claims 1, 26, and 48, and 
further in view of U.S. Patent No. 6,938,166 to Sarfati et al. ("Sarfati"). The Applicants 
respectfully disagree. 

Claims 59-62 are all dependent on the independent Claim 1. As described above, the 
independent Claim 1 is allowable over Marino, Ote, and their combination. Accordingly, Claims 
59-62 are all also allowable as depending on an allowable base claim. 

Claims 63-65 are all dependent on the independent Claim 26. As described above, the 
independent Claim 26 is allowable over Marino, Ote, and their combination. Accordingly, 
Claims 63-65 are all also allowable as depending on an allowable base claim. 

Claims 66 and 67 are both dependent on the independent Claim 36. As described above, 
the independent Claim 36 is allowable over Marino, Ote, and their combination. Accordingly, 
Claims 66 and 67 are both also allowable as depending on an allowable base claim. 
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Claims 68 and 69 are both dependent on the independent Claim 48. As described above, 
the independent Claim 48 is allowable over Marino, Ote, and their combination. Accordingly, 
Claims 68 and 69 are both also allowable as depending on an allowable base claim. 

Claims 4-7, 9, 11, 14, 15, 17, 18, 27-29, 36-39, 41, and 49-51 

Within the Office Action, Claims 4-7, 9, 1 1, 14, 15, 17, 18, 27-29, 36-39, 41, and 49-51 
have been rejected under 35 U.S.C. § 103(a) as being unpatentable over Marino in view in view 
of Ote, in view of Sarfati, and further in view of U.S. Pub No. 2003/0005300 to Noble et al. 
("Noble"). The Applicants respectfully disagree. 

Marino and Ote have been characterized above. Sarfati is directed to downloading of 
data to an MPEG receiver/decoder, where the data is composed of individual modules. To 
manage these modules, Sarfati discloses a directory table 40, as illustrated in Figure 8. The 
directory table 40 includes a directory part 42 and an encrypted signature 46 for the entire 
directory table. The directory part 42 includes, for each module, a module name 50, a module 
extension 34, and a module signature 52. As Sarfati discloses in its Figure 9, the encrypted 
signature 46 is generated by encrypting a first byte (56), dummy data (58 and 66), an application 
validation bitmap (60), a signature (64), and reserved data (62). The directory itself is not 
encrypted. 

Sarfati further teaches "generating a directory signature for the directory; encrypting the 
directory signature using a private key; formatting the directory and the encrypted directory 
signature as a directory MPEG table; transmitting the directory and module MPEG tables . . ." 
(Sarfati, col. 6, lines 13-17) Accordingly, Sarfati draws a clear distinction between the directory 
signature, which is encrypted, and the directory itself, which is not encrypted. As described 
herein, Sarfati does not teach encrypting the directory itself. Sarfati teaches encrypting only the 
directory signature. 

Noble is directed to using a token that contains keys used to decrypt data when the token 
is within a predetermined range of a laptop and to encrypt data when outside that range. (Noble, 
Abstract) Noble does not teach using an encrypted directory. Specifically, like Marino, Ote, and 
Sarfati, Noble also does not disclose an operating system kernel configured to decrypt an 
encrypted directory entry to determine a location of the encrypted data file and to decrypt the 
encrypted data file to access data contained therein. 

Claims 4-7, 9, 11, 14, 15, 17, and 18 are all dependent on the independent Claim 1. As 
described above, the independent Claim 1 is allowable over Marino, Ote, and their combination. 
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Accordingly, Claims 4-7, 9, 11, 14, 15, 17, and 18 are all also allowable as depending on 
allowable base claims. 

Claims 27-29 are all dependent on Claim 26. As described above, the independent Claim 
26 is allowable over Marino, Ote, and their combination. Accordingly, Claims 27-29 are all also 
allowable as depending on an allowable base claim. 

Like Marino and Ote, neither Sarfati nor Noble discloses executing kernel code in an 
operating system to encrypt a clear data file having a name to generate an encrypted data file 
using a symmetric key, store the encrypted data file at a location in a computer file system, and 
store in a directory in the computer file system an entry containing an encryption of the name 
and an encryption of the location, as recited in the independent Claim 36. For at least these 
reasons, the independent Claim 36 is allowable over Marino, Ote, Sarfati, Noble, and their 
combination. 

Claims 37-39 and 41 are all dependent on the independent Claim 36. As described 
above, the independent Claim 36 is allowable over Marino, Ote, and their combination. 
Accordingly, Claims 37-39 and 41 arc all also allowable as depending on an allowable base 
claim. 

Claims 49-5 1 are all dependent on the independent Claim 48. As described above, the 
independent Claim 48 is allowable over Marino, Ote, and their combination. Accordingly, 
Claims 49-5 1 are all also allowable as depending on an allowable base claim. 

Claims 8, 10, and 30 

Within the Office Action, Claims 8, 10, and 30 have been rejected under 35 U.S.C. § 
103(a) as being unpatentable over Marino in view in view of Ote, Noble, and further in view of 
U.S. Patent No. 5,903,881 to Schrader et al. ("Schrader"). The Applicants respectfully disagree. 

Claims 8 and 10 are both dependent on the independent Claim 1 . As described above, the 
independent Claim 1 is allowable over Marino, Ote, and their combination. Accordingly, Claims 
8 and 10 are both also allowable as depending on an allowable base claim. 

Claim 30 is dependent on the independent Claim 26. As described above, the 
independent Claim 26 is allowable over Marino, Ote, and their combination. Accordingly, Claim 
30 is also allowable as depending on an allowable base claim. 
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Claims 12, 13, and 52 

Within the Office Action, Claims 12, 13, and 52 have been rejected under 35 U.S.C. § 
103(a) as being unpatentable over Marino in view of Ote, in view of Noble, and further in view 
of U.S. Patent No. 5,727,206 to Fish et al. ("Fish"). The Applicants respectfully disagree. 

Claims 12 and 13 are both dependent on the independent Claim 1. As described above, 
the independent Claim 1 is allowable over Marino, Ote, and their combination. Accordingly, 
Claims 12 and 13 are both also allowable as depending on an allowable base claim. 

Claim 52 is dependent on the independent Claim 48. As described above, the 
independent Claim 48 is allowable over Marino, Ote, and their combination. Accordingly, Claim 
52 is also allowable as depending on an allowable base claim. 

Claims 19, 21, 32, and 44 

Within the Office Action, Claims 19, 21, 32, and 44 have been rejected under 35 U.S.C. § 
103(a) as being unpatentable over Marino in view of Ote, in view of Noble, and further in view 
of U.S. Patent No. 6,836,888 to Basu et al. ("Basu"). The Applicants respectfully disagree. 

Claims 19 and 21 are both dependent on the independent Claim 1 . As described above, 
the independent Claim 1 is allowable over Marino, Ote, and their combination. Accordingly, 
Claims 19 and 21 are both also allowable as depending on an allowable base claim. 

Claim 32 is dependent on the independent Claim 26. As described above, the 
independent Claim 26 is allowable over Marino, Ote, and their combination. Accordingly, Claim 
32 is also allowable as depending on an allowable base claim. 

Claim 44 is dependent on the independent Claim 36. As described above, the 
independent Claim 36 is allowable over Marino, Ote, and their combination. Accordingly, Claim 
44 is also allowable as depending on an allowable base claim. 

Claims 20, 31, and 43 

Within the Office Action, Claims 20, 31, and 43 have been rejected under 35 U.S.C. § 
103(a) as being unpatentable over Marino in view of Ote, in view of Noble, and further in view 
of U.S. Patent No. 5,729,710 to Magee et al. ("Magee"). The Applicants respectfully disagree. 

Claim 20 is dependent on the independent Claim 1 . As described above, the independent 
Claim 1 is allowable over Marino, Ote, and their combination. Accordingly, Claim 20 is also 
allowable as depending on an allowable base claim. 
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Claim 31 is dependent on the independent Claim 26. As described above, the 
independent Claim 26 is allowable over Marino, Ote, and their combination. Accordingly, Claim 
3 1 is also allowable as depending on an allowable base claim. 

Claim 43 is dependent on the independent Claim 36. As described above, the 
independent Claim 36 is allowable over Marino, Ote, and their combination. Accordingly, Claim 
43 is also allowable as depending on an allowable base claim. 

Claims 22-24, 33-35, 45, and 47 

Within the Office Action, Claims 22-24, 33-35, 45, and 47 have been rejected under 35 
U.S.C. § 103(a) as being unpatentable over Marino in view of Ote, in view of Noble, and further 
in view of U.S. Patent No. 6,477,545 to LaRue ("LaRue"). The Applicants respectfully disagree. 

Claims 22-24 are all dependent on the independent Claim 1 . As described above, the 
independent Claim 1 is allowable over Marino, Ote, and their combination. Accordingly, Claims 
22-24 are all also allowable as depending on an allowable base claim. 

Claims 33-35 are all dependent on the independent Claim 26. As described above, the 
independent Claim 26 is allowable over Marino, Ote, and their combination. Accordingly, 
Claims 33-35 are all also allowable as depending on an allowable base claim. 

Claims 45 and 47 are both dependent on the independent Claim 36. As described above, 
the independent Claim 36 is allowable over Marino, Ote, and their combination. Accordingly, 
Claims 45 and 45 are both also allowable as depending on an allowable base claim. 

Claim 25 

Within the Office Action, Claim 25 has been rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Marino in view of Ote, in view of Noble, and further in view of U.S. Patent 
Pub. No. 2002/0065876 to Chien et al. ("Chien"). The Applicants respectfully disagree. 

Claim 25 is dependent on the independent Claim 1 . As described above, the independent 
Claim 1 is allowable over Marino, Ote, and their combination. Accordingly, Claim 25 is also 
allowable as depending on an allowable base claim. 

Allowable Subject Matter 

Within the Office Action, it is stated that Claims 16 and 40 are objected to as being 
dependent on a rejected base claim, but would be allowable if rewritten in independent form to 
include all of the limitations of the base claim and any intervening claims. 
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As explained above, the independent Claims 1 and 36 are both allowable over Marino, 
Ote and their combination. Claims 16 and 40 are dependent on the independent Claims 1 and 36, 
respectively. Accordingly, Claims 16 and 40 are both also allowable as depending on an 
allowable base claim. 

Within the Office Action, it is also stated that claims 70 and 71 are allowed. 

CONCLUSION 

For the reasons given above, the Applicants respectfully submit that the independent 
Claims 1-45, 47-52, and 59-71 are in condition for allowance, and allowance at an early date 
would be appreciated. If the Examiner has any questions or comments, the Examiner is 
encouraged to call the undersigned at (408) 530-9700 so that any outstanding issues can be 
quickly and efficiently resolved. 

Respectfully submitted, 
HAVERSTOCK & OWENS LLP 



Dated: June 3, 2008 By: /Jonathan O. Owens/ 

Jonathan O. Owens 
Reg. No.: 37,902 
Attorneys for Applicants 
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